By Radwan Farraj
A flood of scam emails circulated CUNY recently, offering instruments for sale, part-time job opportunities, or even financial aid stipends to many students and staff. Though the fraudulent phishing emails are not new to the university, reports of scam emails have more than doubled nationally, according to an FBI Internet Crime Report published in 2020.
These emails are not limited in who they target, as seen by the surge making its way through CUNY accounts. “Typically, a student is phished and the criminals use that account to send thousands – or possibly hundreds of thousands – of other scam and phishing messages cyclically,” Brooklyn College Media Relations Manager Rich Pietras told The Vanguard.
More than 2.2 million scam complaints have been filed in the last five years, according to the FBI’s Internet Crime Complaint Center (IC3). Losses reportedly totaled more than $13 billion for victims since 2016. In 2020 alone, the IC3 reported nearly 800,000 complaints and more than $4 billion in losses, with phishing scams ranking as the most common.
Students are predominantly affected by these phishing attacks that can take the form of a “spray-and-pray,” where “a low-effort scam is sent to a very large number of recipients,” Pietras explained. Even a minimal response rate can be profitable for scammers.
The most effective method to deal with these scams is user education and promoting awareness of red flags. In observance of Cyber Security Awareness Month, CUNY is releasing information on how to avoid different digital attacks, with their second week focused on phishing. Beyond user education, Brooklyn College has implemented its own protective measures. “[…]We use many technological means to detect and block incoming fraudulent mail,” said Pietras. However, he warned that criminals can “work from inside the systems” should a student’s account be compromised by a scammer.
For any questions about phishing or to report a suspicious message on BCMail, email